Forum woes

[bubba]

If you use a decent password manager like Lastpass then you don't need to type in your username or password - the plugin autofills it for you.

The main pain with this situation is when you've typed a long reply to somebody only to find you've been logged out when you try to post it. I believe that some browsers can lose your text, though Firefox never seems to. If I'm writing a reply of any length I periodically copy the contents to my clipboard anyway.

 

[Amy]

Firefox can also manage passwords too. And yeah, it is good at remembering text, it does for me. <3 firefox.

 

[bubba]

Firefox does indeed have a pretty good built in password manager but it's only secure if you set the Master Password option on.

The advantage of something like Lastpass is that you can access your passwords from anywhere, on any computer. You can do this in Firefox using an addon like Xmarks (now also owned by Lastpass!) It also offers lots of other nice features and above all it's totally free unless you want to pay for the phone apps.

I now only remember one master password and then everything else is handled by Lastpass using extremely strong passwords. Before, I used to use a few same passwords for everything, a big no-no.

 

[bubba]

Ok, I've firewalled about 40 IPs this afternoon which were the chief ones carrying out this sort of attack.

It's helped for now, but I suspect this will have to be a regular thing in order to stay effective long term. It's a big pain in the arse but there we go.

 

[Les W]

Ok, I've firewalled about 40 IPs this afternoon which were the chief ones carrying out this sort of attack.

It's helped for now, but I suspect this will have to be a regular thing in order to stay effective long term. It's a big pain in the arse but there we go.

Cheers Bubba.
I realise it is a major pain in the arse and probably as effective as pissing into the wind but it is appreciated.

 

[bubba]

After getting logged out of ukb once every minute for the whole of yesterday, I've installed a whole shit-load of anti-spam/anti-bot measures which will hopefully reduce this problem to a minimum.

Anyone trying to login, register or even just view the forum is now checked for having "bot like" headers, and against the Project Honeypot and Stop Forum Spam databases.

This may cause you problems if you access the forum using a proxy server but the new facilities should allow you to prove yourself human. Sorry if this catches you but this problem and the signature spam profiles needed to be addressed. 

I've deleted nearly 3000 spam profiles across ukbouldering and ukcaving this week 

 

[Amy]

WOW thanks for your work, bubba 

since your post yesterday I've not been logged out, btw.

 

[dunc]

After getting logged out of ukb once every minute for the whole of yesterday, I've installed a whole shit-load of anti-spam/anti-bot measures which will hopefully reduce this problem to a minimum.

Anyone trying to login, register or even just view the forum is now checked for having "bot like" headers, and against the Project Honeypot and Stop Forum Spam databases.

This may cause you problems if you access the forum using a proxy server but the new facilities should allow you to prove yourself human. Sorry if this catches you but this problem and the signature spam profiles needed to be addressed. 

I've deleted nearly 3000 spam profiles across ukbouldering and ukcaving this week 

Whilst it wasn't every minute the day I posted the above, it was particularly crappy, hence why I gave up!

Good work though bubba, hope it keeps the arses away.. 

 

[paul]

Good work though bubba, hope it keeps the arses away.. 

I'll second that. 

 

[Roger W]

Just had a quick before-bedtime glance without logging in and read the latest on this thread.

Logged in - no trouble at all.  And it's been OK for the last day or so.

Well done, Bubba.    :bow:    :bow:

We just don't realise how much goes on behind the scenes...

 

[bubba]

Thanks all.

Overnight across the two sites, the new software has blocked 970 spam/login/registration attempts. Not bad at all

 

[Rhys]

Nice work Bubba!

 

[martinm]

Yes, but it also says I'm a robot everytime I try and use the forum and makes me answer 2 simple maths questions which I find a bit annoying!

 

[bubba]

Well, there's a good reason for that.

If I check your IP address against Project Honeypot then we see the following (I've edited your full IP so as not to appear here):

Example Messages Sent From 82.132.xxx.xxx
From: USAA.Web.Services@customermails.usaa.com
Subject: instructions from customer service team
From: Артем ��ол��бо��
Subject: ДЕЛОВОЙ АНГЛИЙСК
From: Pfizer <noreply@pfizer.com>
Subject: claudette_schmelzer@goodtime.minibrothels.info Pfi
From: onelov4739@4hire.co.nz
Subject: Hi shirly.e.stomberg
From: Оля
Subject: Замки, ручки, фурнитура. Расп
From: "OpenMarketTV" <deifiesk8@royahakakian.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <foregoings417@razzi.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <diagnosticeo2@roycearbour.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <pomegranates5@rkpt.com>
Subject: Создание имиджа и рекламы пре
From: "OpenMarketTV" <horrendousdfd74@royalfalcone.com>
Subject: Создание имиджа и рекламы пре
From: Pfizer <noreply@pfizer.com>
Subject: daniel_o_sinclair@pochta.premedic.amur.ru Pfizer -
From: "Pfizer Inc." <pameego8999@91gz.com>
Subject: Dear handsomekreisler -80% now
From: "Pfizer VIAGRA" <dalene.r.kayastha@beemagnet.nhs-f
Subject: Hey dalene.r.kayastha, official 80% discount
From: "Pfizer VIAGRA" <kimber_n_geer@mail2.premedic.org.
Subject: Hey kimber_n_geer, official 80% discount
From: Александр
Subject: Коммерческое предложен
From: nastypennimpede@mail3.premedic.bryansk.su
Subject: nastypennimpede VIAGRA � -65% discount

And

Example User Names Used By 82.132.xxx.xxx
User-name: aandjfafdj
User-name: ashtoncodling
User-name: beckiebertram
User-name: bpnncdijufjafdj
User-name: buhg
User-name: buhgalteria
User-name: bux
User-name: cbjndjfamfdj
User-name: cdqnxdjfanfdj
User-name: cjgndjufayfdj
User-name: cknddjwfalfdj
User-name: dbpndjfwasfdj
User-name: dir
User-name: ecnxdjfafpdj
User-name: epfnhdxjvfafndj
User-name: finance
User-name: gcnkdjfarfvdj
User-name: gpgnldejsfaifvdj
User-name: gprnldsjefaffxdj
User-name: hdjnedjfyajfydj
User-name: hr
User-name: iamjustsendingthisleter
User-name: info
User-name: jewelllengacher
User-name: konyddjyfagfdaj
User-name: nknjdjrffafgdwj
User-name: nndndmjxfrafcdgj
User-name: pbxndjfracfddkj
User-name: pcnhdjffayffdtj
User-name: ponndtjnfwaffjdxj

So, unless you're in the habit of spamming then I suggest you are unwittingly part of a botnet - I would suggest re-installing windows or at least running some A-Grade antivirus/anti-malware/anti-spyware/etc software because somebody is spamming from your IP.

 

[robjones]

I too was asked to do a couple of sums when I logged onto this site earlier this evening. I've just waited a couple of hours whilst two programmes swept our computer - amongst the three threats found was a fake bot net thingy - all disposed of now - I wasn't asked to do sums when I relogged into this site. Thanks for the heads up in the previous couple of posts Bubba!

Reminder to self: warn our incautious offspring yet again about perils of t'internet...

 

[martinm]

OK thanx. I will check it out.

I don't normally use Windoze, usually Linux. (Never had a virus type problem in over 10 years!)

It's just that I've just moved house and I'm in crappy Vista on a crappy mobile dongle ATM that Linux has no drivers for as far as I can tell.

Proper broadband should be coming next week, so back to happyland then, lol!

 

[graham]

OK thanx. I will check it out.

I don't normally use Windoze, usually Linux. (Never had a virus type problem in over 10 years!)

It's just that I've just moved house and I'm in crappy Vista on a crappy mobile dongle ATM that Linux has no drivers for as far as I can tell.

Proper broadband should be coming next week, so back to happyland then, lol!

What sort of dongle? Ubuntu has installed drivers for Vodaphone dongles for me before.

 

[martinm]

An O2 HUAWEI 3G Dongle. It did detect it initially, just asked my for a pin, etc. But all the ones I entered (after searching on the web), were rejected with the message "make sure your SIM is inserted." Doh. Then I tried a 3 ZTE dongle and it asked me for login details which looked promising, (and which I now have), but now says it can't find a suitable device with either dongle, lol. I prob need to upgrade to the latest version of ma distro.

Anyway Bubba, as far as I can tell my IP address is nothing like that. It starts with 10.60.

And I can detect no unusual outgoing data over my web link either...

 

[bubba]

a crappy mobile dongle

This might be the cause of the problem. A user on ukb has similar issues from an O2 mobile number. I suspect that when your new broadband connection is on the issues will go away. I reckon it'll be linked to somebody having spammed from that IP in the past rather than your computer being infected.

Your IP has probably changed if O2 allocate them dynamically - that was the one you were being blocked on when I checked yesterday.

 

[Maggot]

I haven't been asked to do sums or ant sort of captcha, but I do keep getting logged out.